Showing 1 - 1 of 1

CVE-2018-16146

Status Candidate

Overview

The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain configurable events. The value parameter is not properly sanitized, leading to arbitrary command injection with the privileges of the nagios user account.

Related Files

Opsview Monitor 5.x Command Execution: Posted Sep 5, 2018; Authored by Core Security Technologies, Fernando Diaz, Fernando Catoira | Site coresecurity.com; Opsview Monitor versions 5.2, 5.3, and 5.4 suffer from cross site scripting and multiple remote command execution vulnerabilities.; tags | exploit, remote, vulnerability, xss; advisories | CVE-2018-16144, CVE-2018-16145, CVE-2018-16146, CVE-2018-16147, CVE-2018-16148; SHA-256 | 953c9d49a6ad47c20e9a9acc6d55ebbeea2a239ede57f492f4be332d89519ed1; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 134 files
Ubuntu 91 files
indoushka 33 files
Debian 22 files
nu11secur1ty 15 files
Gentoo 13 files
Apple 13 files
Google Security Research 8 files
CraCkEr 6 files
mjurczyk 4 files

File Archives

Systems

AIX (428)
Apple (2,016)
BSD (374)
CentOS (57)
Cisco (1,925)
Debian (6,846)
Fedora (1,692)
FreeBSD (1,245)
Gentoo (4,335)
HPUX (879)
iOS (355)
iPhone (108)
IRIX (220)
Juniper (68)
Linux (46,841)
Mac OS X (687)
Mandriva (3,105)
NetBSD (256)
OpenBSD (485)
RedHat (13,925)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,949)
UNIX (9,317)
UnixWare (186)
Windows (6,590)
Other

CVE-2018-16146

Overview

Related Files

File Archive:

September 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems